Additional Materials:

Contact:

The Department of Defense (DOD) does not have a financial management enterprise architecture, and it does not have the management structures in place to effectively develop, implement, and maintain one. DOD has not applied recognized best practices--particularly support and sponsorship by the head of the enterprise and assignment of accountability and commensurate authority--to develop, implement, and maintain a DOD-wide financial management enterprise architecture. Nevertheless, DOD's various components are either spending or planning to spend billions of dollars to acquire new or modify existing financial management systems. In the absence of a complete, enforceable enterprise architecture, such investments are unwise. DOD runs the risk that its components will spend billions of dollars to modify and modernize financial management systems independently from one another, forcing DOD to maintain a system that suffers from duplication, limited interoperability, and unnecessarily costly operations and maintenance. As part of its plan to invest in financial management systems modernization, DOD has tried to use lessons learned from its Year 2000 program. DOD can build upon these actions to ensure that it uses recognized best practices for enterprise architecture management. This approach will allow DOD to position itself to cost effectively manage the billions of dollars it plans to spend on financial management operations. This approach will also increase the odds that DOD will modernize its financial management operations and supporting systems in a way that will optimize financial management performance and accountability.

Recommendations for Executive Action

Status: Closed - Not Implemented

Comments: The statutory requirements enacted as part of the National Defense Authorization Act (NDAA) for Fiscal Year 2005 are aimed at improving the department's system investment practices. It required DOD to establish a hierarchy of investment review boards and the Defense Business Systems Management Committee (DBSMC). The NDAA also requires that, beginning October 1, 2005, the DBSMC approve business systems modernizations that will have a total cost in excess of $1 million. In February 2005, the Deputy Secretary of Defense signed the charter establishing the DBSMC. Subsequently, DOD established investment review boards and a process for reviewing investments and having the DBSMC approve the investments. DOD has recently begun reviewing business systems modernizations in order to comply with the NDAA requirements. However, given the recent establishment of these boards, to date there is no evidence that components' investments have been limited. Accordingly, while it is closing this 4-year old recommendation as not implemented, GAO will continue to monitor the department's efforts to comply with the NDAA requirements as part of a current engagement on this topic.

Recommendation: Until a financial management enterprise architecture is developed and the Council is positioned to serve as DOD's financial management investment review board as recommended above, the Secretary of Defense should limit DOD components' financial management investments to (1) deployment of systems that have already been fully tested and involve no additional development or acquisition cost, (2) stay-in-business maintenance needed to keep existing systems operational, (3) management controls needed to effectively invest in modernized systems, and (4) new systems or existing system changes that are congressionally directed or are relatively small, cost effective, and low risk and can be delivered in a relatively short timeframe.

Agency Affected: Department of Defense

Status: Closed - Implemented

Comments: In February 2005, DOD established the Defense Business Systems Management Committee (DBSMC), which is the steering committee for its business enterprise architecture effort. As mentioned earlier, the DBSMC is comprised of senior executives from across DOD and is chaired by the Deputy Secretary of Defense. According to the DBSMC charter, the chair will report to the Secretary of Defense periodically on the progress of DOD's business systems modernization efforts, which includes architecture efforts. These actions are consistent with the intent of GAO's recommendation. GAO has made later recommendations to ensure that the progress reporting continues and will monitor DOD's efforts as part of its follow-up on these later recommendations.

Recommendation: The Senior Financial Management Oversight Council should report to the Secretary of Defense every 6 months on progress in developing and implementing a financial management enterprise architecture.

Comments: In February 2005, DOD established the Defense Business Systems Management Committee (DBSMC), which is the steering committee for its business enterprise architecture effort. The Assistant Secretary of Defense (Networks and Information Integration)/DOD Chief Information Officer (formerly known as the Assistant Secretary of Defense (Command, Control, Communications, and Intelligence) is a member of this committee. As mentioned earlier, the DBSMC is comprised of senior executives from across DOD and is chaired by the Deputy Secretary of Defense. According to the Deputy Under Secretary for Acquisition, Technology, and Logistics and minutes of the DBSMC meetings, specifically those for April through July 2005, program officials briefed the committee on and engaged the committee in discussions on the status of the department's efforts to develop, implement, and maintain the architecture, including the transition plan. As a result, DOD senior executives had visibility into the department's efforts to develop and implement the architecture. These actions are consistent with the intent of GAO's recommendation.

Recommendation: The Assistant Secretary of Defense (Command, Control, Communications & Intelligence) should report at least quarterly to the Senior Financial Management Oversight Council on the Chief Architect's progress in developing a financial management enterprise architecture, including the Chief Architect's adherence to enterprise architecture policy and guidance from the Office of Management and Budget, the Federal CIO Council, and DOD.

Agency Affected: Department of Defense: Office of the Assistant Secretary for Command, Control, Communications, and Intelligence

Status: Closed - Implemented

Comments: In February 2005, DOD established the Defense Business Systems Management Committee (DBSMC), which is comprised of senior leadership from across the department, including the Assistant Secretary of Defense (Networks and Information Integration)/DOD Chief Information Officer (formerly known as the Assistant Secretary of Defense (Command, Control, Communications, and Intelligence) and the Under Secretary of Defense (Comptroller). The DBSMC is responsible for all program activities, including the delivery and approval of the business enterprise architecture. The department appointed a chief architect and program officials stated that the department intends to develop a position description that outlines the roles and responsibilities of the chief architect. DOD established a program office in July 2001 and, according to program officials, the department has adequate staff and funding for developing and maintaining the architecture. According to program officials, the department (1) is taking steps to obtain executive buy-in and support, as evidence by the establishment of the DBSMC, which as stated earlier, is comprised of senior executives from across DOD and is chaired by the Deputy Secretary of Defense; (2) intends to implement the necessary management structure and controls, such as establishing a Configuration Control Board and developing a configuration management process to maintain the architecture; (3) intends to develop plans and define the process and approach for developing the architecture; (4) will develop the target or "To Be" architecture and the transition plan as part of the September 30, 2005 version of the BEA, but will not include the baseline or "As Is" architecture; and (5) intends to use the architecture to guide its business modernization projects and investments. Because DOD has taken actions to address several aspects of this recommendation and these actions are consistent with the intent of the recommendation, GAO is showing this recommendation as closed-implemented. Those aspects not yet implemented have been subsumed in later GAO recommendations on this program. GAO will continue to monitor the department's efforts as part of its follow-up on these later recommendations.

Recommendation: The Secretary of Defense should immediately make the Assistant Secretary of Defense (Command, Control, Communications & Intelligence), in collaboration with the Under Secretary of Defense (Comptroller), accountable to the Senior Financial Management Oversight Council for developing and maintaining a DOD financial management enterprise architecture. In fulfilling this responsibility, the Assistant Secretary should appoint a Chief Architect for DOD financial management modernization and establish and adequately staff and fund an enterprise architecture program office that is responsible for developing and maintaining a DOD-wide financial management enterprise architecture in a manner that is consistent with the framework defined in the Federal Chief Information Officers (CIO) Council's published guide for managing enterprise architectures. In particular, the Assistant Secretary should take appropriate steps to ensure that the Chief Architect (1) obtains executive buy-in support, (2) establishes architecture management structure and controls, (3) defines the architecture process and approach, (4) develops the baseline architecture, the target architecture, and the sequencing plan, (5) facilitates the use of the architecture to guide financial management modernization projects and investments, and (6) maintains the architecture.

Agency Affected: Department of Defense

Status: Closed - Implemented

Comments: In July 2001, the Secretary of Defense took several actions that are in keeping with the intent of GAO's recommendations. First, the Secretary established the Financial Management Modernization Program and directed that the Under Secretary of Defense (Comptroller), in coordination with the Under Secretary of Defense for Acquisition, Technology, and Logistics and the Chief Information Officer, provide policy direction and oversee the execution of all Financial Management Modernization Program efforts. Second, the Secretary established the Program Management Officer that is accountable to the Under Secretary of Defense (Comptroller). The office was directed to develop a DOD-wide financial management enterprise architecture that is consistent with the DOD Chief Information Officer's information technology architecture. Third, the Program Management Office was designated to be responsible for the control and oversight of systems development, acquisition, upgrade, deployment, and other changes for all financial management systems and related non-financial business systems, including legacy systems.

Recommendation: The Secretary of Defense should immediately modify the Senior Financial Management Oversight Council's charter to (1) designate the Deputy Secretary of Defense as the Council chair and the Under Secretary of Defense (Comptroller) as the Council vice-chair, (2) empower the Council to serve as DOD's financial management enterprise architecture steering committee, giving it the responsibility and authority to ensure that a DOD financial management architecture is developed and maintained in accordance with the DOD C4ISR Architecture Framework, (3) empower the Council to serve as DOD's financial management investment review board, giving it the responsibility and authority to select and control all DOD financial management investments and to ensure that its investment decisions treat compliance with the financial management enterprise architecture as an explicit condition for investment approval that can be waived only if justified by a compelling written analysis, and (4) expand the role of the Council's System Compliance Working Group to include supporting the Council in determining the compliance of each system investment with the enterprise architecture at key decision points in the system's development or acquisition life cycle.

Agency Affected: Department of Defense

Status: Closed - Implemented

Comments: In July 2001, the Secretary directed that the Program Management Officer, which is accountable to the Under Secretary of Defense (Comptroller), shall develop a DOD-wide blueprint--an Enterprise Architecture that is consistent with the DOD CIO information technology architecture that prescribes how the department's financial and nonfinancial feeder systems and business processes will interact. The Secretary's actions meet the intent of GAO's recommendation.

Recommendation: The Secretary of Defense should immediately issue a DOD policy that directs the development, implementation, and maintenance of a financial management enterprise architecture.

Agency Affected: Department of Defense

Status: Closed - Implemented

Comments: In commenting on the report, the Deputy Chief Financial Officer noted that the Secretary has stated that financial management reform is one of his highest priorities. Additionally, it was noted that the Department will be establishing a senior steering committee to better ensure the effective implementation of the applicable financial management enterprise architecture and systems. Subsequently, on July 19, 2001 in a memorandum to the military services and defense agencies, the Secretary of Defense stated that one of his highest priorities is to have reliable, accurate, and timely financial information upon which to make the most effective business decisions. The Secretary noted that modernizing the department's business operations and systems is a department-wide priority and will need leadership at every level. To accomplish this goal, the Secretary established a Program Management Office under the direction of the Under Secretary of Defense (Comptroller). This office is responsible for the control and oversight of systems development, acquisition, upgrade, deployment, and other changes for all financial management systems and related nonfinancial business systems. The Secretary's actions are in keeping with the intent of this recommendation.

Recommendation: The Secretary of Defense should immediately designate DOD financial management modernization a departmental priority and accordingly direct the Deputy Secretary of Defense to lead an integrated program across the Department for modernizing and optimizing financial management operations and systems.

Agency Affected: Department of Defense

Status: Closed - Implemented

Comments: Senate Report 107-213 directs that the department report every 6 months on the status of the BEA effort. DOD submitted status reports on January 31 and July 31, 2003; on January 31 and July 30, 2004; and on March 15, 2005. The 2003 and 2004 reports were submitted by DOD's Comptroller, but were not signed by the members of the executive or steering committees. The 2005 report was signed by the Acting Under Secretary of Defense for Acquisition, Technology, and Logistics, who is the vice-chair of the DBSMC. These actions meet the intent of GAO's recommendation.

Recommendation: The Secretary of Defense should report to the Defense authorizing and appropriating committees every 6 months on progress in developing and implementing a financial management enterprise architecture.